Thursday, March 20, 2008

Review: The National Security Strategy of the United Kingdom

The United Kingdom has released the first ever National Security Strategy "set[ting] out the Government's approach to dealing with threats to national security, ranging from war and terrorism to climate change, disease and poverty."

The report summarizes a wide range of threats and provides a comprehensive prevention and control strategy. Within the report are several references to national threats from computer crime:

Under the heading of "Defending the United Kingdom against state-led threats" the strategy defines the requirements as:
  • "...to defend the territory of the United Kingdom, its sea and air approaches, its information and communications systems, and its other vital interests..."
  • "On intelligence, in addition to the major effort required to tackle the current level of terrorist threat, the security and intelligence agencies will continue to protect the United Kingdom against covert activity by foreign intelligence organisations aimed at political, economic and security targets, including cyber-attack."

Under the heading "Responding to global trends" the report discusses a strategy to handle cyber incidents:
"In response to the technological challenges, we are committed to working with international, public, and private sector partners to ensure that our government systems and critical national infrastructure are adequately protected against cyberattack.

"We are also investing, through the interception modernisation programme, to update our intelligence and law-enforcement capability to meet the challenges of rapidly advancing communications technology. We are committed to maximising the opportunities and benefits of the internet, by protecting the freedom to develop and host new services, while also reducing the scope for terrorists and criminals to exploit those opportunities and freedoms, and ensuring that the internet itself is resilient enough to withstand attacks and accidents.

"Finally, we support international efforts to monitor and protect the safety and security of new technology including the internet and communications networks, and the space assets that are increasingly important for communications. We will continue to explore how new confidence‑building and arms control measures might contribute to international security in this area."

Finally, under the heading "The interdependence of threats, risks and drivers – an integrated response" the report discusses how many of the threats to the United Kingdom are interrelated and discusses how cyber threats will be managed:
"The Centre for the Protection of National Infrastructure (CPNI) was established in 2007 to act as an interdepartmental organisation providing advice on information, physical and personnel security to businesses and organisations across the national infrastructure. CPNI works closely with the private sector, delivering advice to reduce the vulnerability of critical infrastructure to terrorism and other national security threats."
The full report is available at:

The National Security Strategy of the United Kingdom

No comments: